git: c2a005a0a97d - main - net80211: add new ciphers and RSN flags

From: Adrian Chadd <adrian_at_FreeBSD.org>
Date: Thu, 09 May 2024 00:49:45 UTC
The branch main has been updated by adrian:

URL: https://cgit.FreeBSD.org/src/commit/?id=c2a005a0a97d98472d81c5c9606e5d6e546dd40a

commit c2a005a0a97d98472d81c5c9606e5d6e546dd40a
Author:     Adrian Chadd <adrian@FreeBSD.org>
AuthorDate: 2024-04-19 14:05:44 +0000
Commit:     Adrian Chadd <adrian@FreeBSD.org>
CommitDate: 2024-05-09 00:49:34 +0000

    net80211: add new ciphers and RSN flags
    
    These are the rest of the ciphers and RSN flags from 802.11-2016.
    
    * add the rest of the ciphers from 802.11-2016
    * add the rest of the RSN flags from 802.11-2016
    
    Of special interest here are the extended key ID field for supporting
    >1 unicast key (to support seamless rekeying w/out dropping frames)
    and the MFP (management frame protection) config bits.
    
    This is a no-op; no code is using these new fields.
    (In particular, no code in net80211 uses the RSN capability bits;
    but that will change when we start on MFP support.)
    
    Differential Revision:  https://reviews.freebsd.org/D44864
---
 sys/net80211/ieee80211.h | 67 ++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 54 insertions(+), 13 deletions(-)

diff --git a/sys/net80211/ieee80211.h b/sys/net80211/ieee80211.h
index 47e496bf42a1..fe2a0a7f3b64 100644
--- a/sys/net80211/ieee80211.h
+++ b/sys/net80211/ieee80211.h
@@ -1266,7 +1266,7 @@ struct ieee80211_csa_ie {
 #define	WPA_CSE_NULL		0x00
 #define	WPA_CSE_WEP40		0x01
 #define	WPA_CSE_TKIP		0x02
-#define	WPA_CSE_CCMP		0x04
+#define	WPA_CSE_CCMP		0x04		/* CCMP 128-bit */
 #define	WPA_CSE_WEP104		0x05
 
 #define	WPA_ASE_NONE		0x00
@@ -1275,21 +1275,62 @@ struct ieee80211_csa_ie {
 
 #define	WPS_OUI_TYPE		0x04
 
+/* 802.11-2016 Table 9-131 - Cipher Suite Selectors */
 #define	RSN_OUI			0xac0f00
 #define	RSN_VERSION		1		/* current supported version */
 
-#define	RSN_CSE_NULL		0x00
-#define	RSN_CSE_WEP40		0x01
-#define	RSN_CSE_TKIP		0x02
-#define	RSN_CSE_WRAP		0x03
-#define	RSN_CSE_CCMP		0x04
-#define	RSN_CSE_WEP104		0x05
-
-#define	RSN_ASE_NONE		0x00
-#define	RSN_ASE_8021X_UNSPEC	0x01
-#define	RSN_ASE_8021X_PSK	0x02
-
-#define	RSN_CAP_PREAUTH		0x01
+/* RSN cipher suite element */
+#define	RSN_CSE_NULL		0
+#define	RSN_CSE_WEP40		1
+#define	RSN_CSE_TKIP		2
+#define	RSN_CSE_WRAP		3		/* Reserved in the 802.11-2016 */
+#define	RSN_CSE_CCMP		4		/* CCMP 128 bit */
+#define	RSN_CSE_WEP104		5
+#define	RSN_CSE_BIP_CMAC_128	6
+/* 7 - "Group addressed traffic not allowed" */
+#define	RSN_CSE_GCMP_128	8
+#define	RSN_CSE_GCMP_256	9
+#define	RSN_CSE_CCMP_256	10
+#define	RSN_CSE_BIP_GMAC_128	11
+#define	RSN_CSE_BIP_GMAC_256	12
+#define	RSN_CSE_BIP_CMAC_256	13
+
+/* 802.11-2016 Table 9-133 - AKM suite selectors */
+/* RSN AKM suite element */
+#define	RSN_ASE_NONE		0
+#define	RSN_ASE_8021X_UNSPEC	1
+#define	RSN_ASE_8021X_PSK	2
+#define	RSN_ASE_FT_8021X	3		/* SHA-256 */
+#define	RSN_ASE_FT_PSK		4		/* SHA-256 */
+#define	RSN_ASE_8021X_UNSPEC_SHA256	5
+#define	RSN_ASE_8021X_PSK_SHA256	6
+#define	RSN_ASE_8021X_TDLS	7		/* SHA-256 */
+#define	RSN_ASE_SAE_UNSPEC	8		/* SHA-256 */
+#define	RSN_ASE_FT_SAE		9		/* SHA-256 */
+#define	RSN_ASE_AP_PEERKEY	10		/* SHA-256 */
+#define	RSN_ASE_8021X_SUITE_B_SHA256	11
+#define	RSN_ASE_8021X_SUITE_B_SHA384	12
+#define	RSN_ASE_FT_8021X_SHA384	13
+
+/* 802.11-2016 Figure 9-257 - RSN Capabilities (2 byte field) */
+#define	RSN_CAP_PREAUTH		0x0001
+#define	RSN_CAP_NO_PAIRWISE	0x0002
+#define	RSN_CAP_PTKSA_REPLAY_COUNTER	0x000c	/* 2 bit field */
+#define	RSN_CAP_GTKSA_REPLAY_COUNTER	0x0030	/* 2 bit field */
+#define	RSN_CAP_MFP_REQUIRED	0x0040
+#define	RSN_CAP_MFP_CAPABLE	0x0080
+#define	RSN_CAP_JOINT_MULTIBAND_RSNA		0x0100
+#define	RSN_CAP_PEERKEY_ENABLED	0x0200
+#define	RSN_CAP_SPP_AMSDU_CAPABLE	0x0400
+#define	RSN_CAP_SPP_AMSDU_REQUIRED	0x0800
+#define	RSN_CAP_PBAC_CAPABLE	0x1000
+#define	RSN_CAP_EXT_KEYID_CAPABLE	0x0200
+
+/* 802.11-2016 Table 9-134 PTKSA/GTKSA/STKSA replay counters usage */
+#define		RSN_CAP_REPLAY_COUNTER_1_PER	0
+#define		RSN_CAP_REPLAY_COUNTER_2_PER	1
+#define		RSN_CAP_REPLAY_COUNTER_4_PER	2
+#define		RSN_CAP_REPLAY_COUNTER_16_PER	3
 
 #define	WME_OUI			0xf25000
 #define	WME_OUI_TYPE		0x02